|
Description
|
|
A vulnerability has been identified in RunCMS, which may be exploited by remote attackers to execute arbitrary SQL commands. This flaw is due to an input validation error in the "modules/messages/pmlite.php" script that fails to properly validate the "to_userid" parameter before being used in SQL statements, which could be exploited by malicious people to conduct SQL injection attacks.
|
